Recently my email has been exploding with past clients asking – no, begging – for help with their WordPress websites. Often it is a security message in their browser saying their site is no longer secure:

And sometimes it’s too late, and their site is completely taken over:

WordPress websites have exploded over the last two years; they’re one of the most popular website designing platforms out there today. Not only does WordPress’ popularity increase its vulnerability, but hackers have devised a multitude of ways to infect the platform. If you have a WordPress site, then you are always going to be vulnerable.

What causes WordPress to be vulnerable to hackers and malware

According to Smashing Magazine, there are three main reasons WordPress sites are more vulnerable to hackers and malware: outdated versions of WordPress, plugins and themes, and popularity.

Outdated versions of WordPress. WordPress releases updates nearly every week. Most updates include the most recent security bug fixes. Many website owners fail to log into their sites regularly to update the WordPress core files. Even worse, those who do log in regularly ignore the message, leaving them exposed to a breach.

Plugins and themes. Just as the core needs updating, your theme and plugins need to remain compatible. They will have bugs and security patches of their own. And that’s only a factor for the plugins you have installed. There are literally thousands of plugins that are FAKE! Yes, you heard us right. One of the most common ways for your site to become compromised is by installing a fake plugin that is actually malware. So the more plugins and themes you have installed in your site, the greater the threat of a breach.

Plugin compatibility – just like the pharmacy that checks for prescription conflicts, you can’t just add plugins to your site. We know which are trusted and work well with others and if updates affect your site we quickly advise you on what needs to be done.

Popularity. Remember what we said above… WordPress has EXPLODED in popularity over the last few years. In fact, YourSiteNeedsMe has converted entirely to WordPress website design. Why? Because the technology is better, the search engines love it, and it is flexible and adaptable. But with that said, it’s like a huge target just waiting to be struck.

“WordPress is popular, without a doubt. Around 700 million websites were recorded as using WordPress in May of this year. This popularity means that if a hacker can find a way into one WordPress website, they have potentially millions of websites for a playground. They don’t need to hack websites that use the current version of WordPress; they can scan for websites that use old unsecure versions and hack those.”

We would like to add our own fourth reason as well: login security. Too many users use the most simple usernames and passwords for their logins. ‘admin’ is THEE most common username and should NEVER be used; it’s also the easiest hacker target. One client’s site was easily hacked by a competitor wanting to steal his business. Who knows how long that went unnoticed before it was corrected! Having an easy-to-guess username and password opens your WordPress site up no matter how well you stay on top of updates. If your username and password aren’t secure, then neither is your site.

How can you protect your WordPress site from Hackers?

The bad news is most WordPress web site owners, once they get their site from whoever made it, are left unprotected and at risk of losing leads and ultimately what they paid thousands to have built. Those that pay monthly for a webmaster are unknowingly at the mercy of said person having the time in their busy schedule to perform these much needed updates which occur more often. We have had clients pay companies that were merely a “one man show” and they didn’t update for months because they couldn’t get to it.

Consequently, backups are not done or easily accessible to you the client, plugin updates are not updated quickly enough and security is not extensive and this is the industry standard for those PAYING for webmastering!

The good news is that we do have an answer. We’ve come up with a simple solution that will provide you with the peace of mind to know your site is backed up, updated, and safe and secure from hack attempts. We like to call it the WP-SUB. It’s our WordPress Security, Updates and Backup package. You can sign up monthly or yearly. Here’s what it does:

WordPress ​Website backup: Back up your site EVERY WEEK so that if anything happens – your site is hacked, a user makes a mistake, plugin is updated without checking compatibility – we can restore it in MINUTES! We ALWAYS have your site backed up and safe.

WordPress Security: With premium security plugins, we can protect your WordPress website from attacks and hacking. The built-in Malware and Security Scanner helps block hackers from attempting to log into your site by setting up extra layers of security on your admin login page. It helps identify any security risks, malicious codes, spam, viruses, SQL injection attacks, and security vulnerabilities.

WordPress Updates: Make sure your WordPress platform and plugins are always up to date! WordPress adds new features, updates and fixes to security bugs all the time. In fact, we find that WordPress is offering updates between two and four times a month JUST on the main platform! Plugins need even more attention because the average site has 10 to 15 plugins (or more). Keeping WordPress and all of your plugins up-to-date with the latest software is just as important as keeping your site secure and staying on top of the latest technology changes.

These three things combined represent the most important protection to the safety and integrity of your site. We started offering this service due to the increased amount of attacks on our clients’ websites over the last year, which resulted in thousands of dollars worth of work lost and hundreds of hours spent recovering or rebuilding sites.

The internet is the #1 place that your customers go to get information… and it’s a virtual playroom for hackers and thieves. Why take that kind of chance? Protect your investment with a WordPress Security, Updates and Backup package from YourSiteNeedsMe.